Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/1zdX34Jp5dW-jKNu6QznYnt01NI.roa
File: 1zdX34Jp5dW-jKNu6QznYnt01NI.roa (raw, json)
Hash identifier: 4F0sdBrlBMFMJ3U0VjiaL9+u0ub6bg/P30JPfFL8cHU=
Subject key identifier: D7:37:57:DF:82:69:E5:D5:BE:8C:A3:6E:E9:0C:E7:62:7B:74:D4:D2
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 019424449BA1CFC1B0B90249C374A3DDB1DF
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/1zdX34Jp5dW-jKNu6QznYnt01NI.roa
Signing time: Wed 01 Jan 2025 23:47:43 +0000
ROA not before: Wed 01 Jan 2025 23:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206499
IP address blocks: 45.14.68.0/24 maxlen: 32
45.14.69.0/24 maxlen: 24
193.177.223.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:9b:a1:cf:c1:b0:b9:02:49:c3:74:a3:dd:b1:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 23:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d73757df8269e5d5be8ca36ee90ce7627b74d4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4e:ae:ce:9d:db:87:a3:77:e7:ad:20:a5:c4:
e7:ec:c8:da:e7:47:9b:36:0d:41:3f:17:6d:2a:fe:
e8:86:b0:f5:b6:ea:24:b9:35:9d:5a:5c:2a:19:c7:
84:e0:a9:d2:ac:a3:a1:cc:b3:f4:3e:e3:83:b8:56:
a5:92:39:a0:48:f7:23:10:c1:43:5a:84:0b:b8:37:
05:16:6d:bb:57:ab:70:df:78:3d:53:87:70:d0:12:
64:7f:2c:8c:5b:d5:63:e2:6a:93:89:6e:f6:43:06:
03:9a:26:7f:32:11:39:23:49:83:51:eb:14:d8:d8:
31:1e:b2:41:09:bd:7a:77:cf:fb:06:65:74:14:1f:
e8:7f:51:dd:72:eb:70:e1:7b:5b:57:db:87:c1:14:
3f:f1:66:e8:ae:08:8a:ea:4c:24:78:89:02:ca:d0:
43:d8:b1:d3:b1:17:bd:b4:95:8f:0d:10:5a:b1:30:
57:d8:6b:57:7d:d7:c0:8b:a7:47:3f:34:f5:ae:c7:
0c:f3:87:f2:d6:4d:45:28:e5:03:82:b7:48:cb:da:
8f:b1:36:74:30:1f:5d:42:fa:ca:aa:dd:fc:d1:2a:
e6:31:b4:66:bb:ba:1b:eb:0a:2a:68:05:80:25:1b:
48:80:76:af:4a:de:c0:86:90:d8:c0:78:85:1a:fe:
f3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:37:57:DF:82:69:E5:D5:BE:8C:A3:6E:E9:0C:E7:62:7B:74:D4:D2
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/1zdX34Jp5dW-jKNu6QznYnt01NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.68.0/23
193.177.223.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:a0:4a:8f:91:87:63:1a:a4:07:4a:e4:20:a2:65:4c:cb:df:
2d:66:b9:d5:c5:18:df:74:a3:92:ae:71:91:21:ec:f3:33:3b:
e8:b4:e6:b2:ed:f9:36:d3:5e:9f:83:69:c4:d6:11:a6:57:e6:
3f:47:31:e0:12:af:a8:29:e5:81:14:85:7a:64:f5:ce:fd:ae:
29:51:d4:3e:23:18:92:17:05:e7:a8:cf:38:c2:20:a0:87:a8:
28:33:7e:6d:37:6a:7a:82:17:8c:76:9a:db:8c:1e:11:28:c0:
6f:81:af:45:8a:4a:0c:5f:56:a3:b0:a9:85:ea:8d:68:7c:c4:
59:1f:cd:e1:2c:31:f0:9c:b4:fc:f4:80:bd:86:1c:d3:57:93:
e0:34:e5:88:49:8c:de:f3:39:f2:b6:fa:e7:ea:da:5a:17:ba:
1a:52:66:aa:ea:17:67:a8:22:37:9d:df:bc:e6:51:e7:61:56:
2a:9b:74:6d:2f:25:70:f9:c4:51:01:48:eb:1e:08:fd:bc:f2:
8a:33:f3:f0:22:11:71:db:c3:ac:70:b6:f3:0c:69:39:02:19:
bc:40:6d:2c:3a:35:ec:1f:86:09:63:32:3d:7b:76:dd:ed:f4:
03:88:0d:75:5f:52:03:e8:aa:7c:54:8c:cc:d7:55:fe:54:89:
30:e6:fb:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRJuhz8GwuQJJw3Sj3bHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwMTAxMjM0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzM3NTdkZjgyNjllNWQ1YmU4Y2EzNmVlOTBjZTc2MjdiNzRkNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU6uzp3bh6N3560gpcTn7Mja50eb
Ng1BPxdtKv7ohrD1tuokuTWdWlwqGceE4KnSrKOhzLP0PuODuFalkjmgSPcjEMFD
WoQLuDcFFm27V6tw33g9U4dw0BJkfyyMW9Vj4mqTiW72QwYDmiZ/MhE5I0mDUesU
2NgxHrJBCb16d8/7BmV0FB/of1Hdcutw4XtbV9uHwRQ/8WborgiK6kwkeIkCytBD
2LHTsRe9tJWPDRBasTBX2GtXfdfAi6dHPzT1rscM84fy1k1FKOUDgrdIy9qPsTZ0
MB9dQvrKqt380SrmMbRmu7ob6woqaAWAJRtIgHavSt7AhpDYwHiFGv7zFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNc3V9+CaeXVvoyjbukM52J7dNTSMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvMXpkWDM0SnA1ZFctaktOdTZRem5ZbnQwMU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLQ5EAwQA
wbHfMA0GCSqGSIb3DQEBCwUAA4IBAQBsoEqPkYdjGqQHSuQgomVMy98tZrnVxRjf
dKOSrnGRIezzMzvotOay7fk2016fg2nE1hGmV+Y/RzHgEq+oKeWBFIV6ZPXO/a4p
UdQ+IxiSFwXnqM84wiCgh6goM35tN2p6gheMdprbjB4RKMBvga9FikoMX1ajsKmF
6o1ofMRZH83hLDHwnLT89IC9hhzTV5PgNOWISYze8znytvrn6tpaF7oaUmaq6hdn
qCI3nd+85lHnYVYqm3RtLyVw+cRRAUjrHgj9vPKKM/PwIhFx28OscLbzDGk5Ahm8
QG0sOjXsH4YJYzI9e3bd7fQDiA11X1ID6Kp8VIzM11X+VIkw5vto
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:56:57 2025 by rpki-client